This section contains the following information about securing the Disaster Recovery framework:
The Disaster Recovery framework bases its rights profiles on the rights profiles that are used in the Oracle Solaris Cluster software. For general information about setting up and assigning rights profiles with Oracle Solaris Cluster software, refer to Chapter 2, Oracle Solaris Cluster and User Rights in Administering an Oracle Solaris Cluster 4.4 Configuration.
The Disaster Recovery framework adds the following rights entries to the appropriate rights database in the /etc/security directory:
Authentication names to auth_attr
Execution profiles to prof_attr
Execution attributes to exec_attr
The Disaster Recovery framework CLI and the Oracle Solaris Cluster Manager browser interface use rights profiles to control end-user access to operations. The general conventions for these rights are described in Table 1, Disaster Recovery Framework Rights Profiles.
The Disaster Recovery framework partner clusters communicate using transport services and ICMP echo requests and replies (pings). Their packets must therefore pass data center firewalls, including any firewalls configured on cluster nodes in partner clusters. The table below contains a list of required and optional services and protocols used by Disaster Recovery framework partnerships, and the associated ports that you must open in your firewalls for these services to function. The ports listed are defaults, so if you customize the port numbers serving the specified transfer protocols, the customized ports must be opened instead.
Ports other than those listed in Table 2, Ports and Protocols Used by Disaster Recovery Framework Partnerships - Required Services and Table 3, Ports and Protocols Used by Disaster Recovery Framework Partnerships - Optional Services might be required by storage replication services. See product documentation for details.
This section provides information about the following methods to secure communication between partner clusters:
You must configure the Disaster Recovery framework for secure communication between partner clusters. The configuration must be reciprocal, so cluster cluster-paris must be configured to trust its partner cluster cluster-newyork, and cluster cluster-newyork must be configured to trust its partner cluster cluster-paris.
For information and procedures to set up security certificates for partner clusters, see Configuring Trust Between Partner Clusters.
You can use IP Security Architecture (IPsec) to configure secure communication between partner clusters. IPsec enables you to set policies that permit or require either secure datagram authentication, or actual data encryption, or both, between machines communicating by using IP.
Consider using IPsec for secure TCP/UDP heartbeat communications.
IPsec uses two configuration files:
IPsec policy file, /etc/inet/ipsecinit.conf. Contains directional rules to support an authenticated, encrypted heartbeat. The contents of this file are different on the two clusters of a partnership.
IPsec keys file, /etc/inet/secret/ipseckeys. Contains keys for specific authentication and encryption algorithms. The contents of this file are identical on both clusters of a partnership.
Observe the following guideline when using IPsec for secure inter-cluster communication:
Oracle Solaris Cluster software and Disaster Recovery framework software support IPsec by using only manual keys. Keys must be stored manually on the cluster nodes for each combination of server and client IP address. The keys must also be stored manually on each client.
In the Disaster Recovery framework infrastructure, the hostname of a logical host is identical to the cluster name. The logical hostname is a special HA resource. You must set up a number of IP addresses for various Disaster Recovery framework components, depending on your cluster configuration.
On each partner cluster, you must configure encryption and authorization for exchanging inbound and outbound packets from a physical node to the logical-hostname addresses. The values for the Oracle Solaris IP Security Architecture (IPsec) configuration parameters on these addresses must be consistent between partner clusters.
Refer to Securing the Network in Oracle Solaris 11.4 for more information about IPsec.
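The following added example (not part of the Oracle documentation) checks the two properties described above: each directional policy rule on one cluster has a mirrored rule with the same algorithms on its partner, and the keys files match. The addresses, algorithm choices, placeholder keys and function names are constructed for illustration.

```python
import hashlib
import re

# One ipsecinit.conf rule: {laddr A raddr B} ipsec {encr_algs X encr_auth_algs Y sa shared}
RULE = re.compile(r"\{([^}]*)\}\s*ipsec\s*\{([^}]*)\}")

def _pairs(s):
    toks = s.split()
    return dict(zip(toks[::2], toks[1::2]))

def parse_policy(text):
    """Map (laddr, raddr) -> protection properties for each rule in a policy file."""
    rules = {}
    for line in text.splitlines():
        m = RULE.search(line.split("#", 1)[0])   # ignore comments
        if m:
            sel = _pairs(m.group(1))
            rules[(sel.get("laddr"), sel.get("raddr"))] = _pairs(m.group(2))
    return rules

def check_partnership(policy_a, policy_b, keys_a, keys_b):
    """Return a list of findings; an empty list means the two sides agree."""
    findings = []
    a, b = parse_policy(policy_a), parse_policy(policy_b)
    for name, mine, theirs in (("A", a, b), ("B", b, a)):
        for (l, r), props in mine.items():
            peer = theirs.get((r, l))            # the partner's rule is the mirror image
            if peer is None:
                findings.append(f"{name}: rule {l}->{r} has no mirrored rule on the partner")
            elif peer != props and name == "A":  # report a mismatch once
                findings.append(f"rule {l}<->{r}: algorithms differ between partners")
    # Compare digests so key material is never printed or logged.
    if hashlib.sha256(keys_a.encode()).digest() != hashlib.sha256(keys_b.encode()).digest():
        findings.append("ipseckeys files differ between partners")
    return findings

# Constructed sample input (documentation addresses, placeholder keys).
PARIS = """# physical node -> partner logical hostname
{laddr 192.0.2.11 raddr 198.51.100.50} ipsec {encr_algs aes encr_auth_algs sha256 sa shared}
"""
NEWYORK_OK = "{laddr 198.51.100.50 raddr 192.0.2.11} ipsec {encr_algs aes encr_auth_algs sha256 sa shared}\n"
NEWYORK_BAD = "{laddr 198.51.100.50 raddr 192.0.2.11} ipsec {encr_algs aes encr_auth_algs sha512 sa shared}\n"
KEYS = "add esp spi 0x100 src 192.0.2.11 dst 198.51.100.50 encr_alg aes auth_alg sha256 encrkey <placeholder> authkey <placeholder>\n"

if __name__ == "__main__":
    for label, ny in (("consistent", NEWYORK_OK), ("mismatched", NEWYORK_BAD)):
        print(label, check_partnership(PARIS, ny, KEYS, KEYS))
```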